Question
The last two bits of the CS register contain the Current Privilege Level (CPL), which can contain either the value 0 or 1 or 2 or 3.
If the value of CPL is 0, does that mean the CPU is in kernel mode (and hence can do everything)? Or are there other things that must apply in order for the CPU to be in kernel mode?
Answer 1:
Yes, CPL=0 means kernel/supervisor mode. However, in real mode CPL is also 0 but not reflected in CS. Likewise, in virtual 8086 mode, CPL is 3 and not reflected in CS.
Somewhat related, you may also check for protected mode by examining bit 0 of CR0 using the SMSW instruction (it returns 16 lower bits of CR0). The bit will be set to 1 in virtual 8086 mode because the CPU can get there only through protected mode (you may consider the former as a submode of the latter).
Answer 2:
A CPL value of 0 is called kernel mode. By the way, a CPL value smaller than 3 is called supervisor mode and a CPL value of 3 is called user mode.
The ENCLU instruction (part of Intel SGX instruction set) can only be executed in user mode. This is the only instruction that I know of that can only be executed in user mode. If CPL < 3, executing ENCLU results in an invalid opcode exception.
There are some things that the supervisor mode code can prevent itself from doing but still allows user mode code to perform them:
- If CR4.SMEP is set, a page fault occurs if supervisor mode code attempts to fetch an instruction from a User page.
- If CR4.SMAP is set, a page fault occurs if supervisor mode code attempts to access data from a User page.
It's worth noting that a performance event select register contains flags called the user mode flag and the operating system mode flag. In this context, the "user" mode includes privilege levels 1, 2, and 3 and the "operating system" mode includes privilege level 0.
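The rules from both answers, combined into one check, as an added example that is not part of either answer: it derives the effective CPL from a register snapshot (real mode and virtual 8086 mode override CS[1:0]) and then decides whether SMEP or SMAP would fault an access to a User page. The `cpu_state` struct, the function names and the sample values are assumptions made for illustration; the CR0.PG check and the EFLAGS.AC override for SMAP come from the Intel SDM rather than from the page.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Architectural bit positions (Intel SDM). */
#define CR0_PE    (1u << 0)   /* protected mode enable */
#define CR0_PG    (1u << 31)  /* paging enable */
#define CR4_SMEP  (1u << 20)
#define CR4_SMAP  (1u << 21)
#define EFLAGS_VM (1u << 17)  /* virtual 8086 mode */
#define EFLAGS_AC (1u << 18)  /* with SMAP: permits explicit supervisor data access */

/* Hypothetical snapshot of register state, e.g. taken from a debugger or emulator. */
struct cpu_state {
    uint16_t cs;
    uint32_t cr0, cr4, eflags;
};

/* CS[1:0] is the CPL only in protected mode outside virtual 8086 mode. */
static unsigned effective_cpl(const struct cpu_state *s)
{
    if (!(s->cr0 & CR0_PE))
        return 0;                 /* real mode: CPL 0, not reflected in CS */
    if (s->eflags & EFLAGS_VM)
        return 3;                 /* virtual 8086 mode: CPL 3, not reflected in CS */
    return s->cs & 3u;
}

static bool is_kernel_mode(const struct cpu_state *s)     { return effective_cpl(s) == 0; }
static bool is_supervisor_mode(const struct cpu_state *s) { return effective_cpl(s) < 3; }

/* Does SMEP/SMAP make an explicit access to a User page fault?
 * The EFLAGS.AC override is taken from the Intel SDM, not from the answers. */
static bool smep_smap_fault(const struct cpu_state *s, bool instruction_fetch)
{
    if (!(s->cr0 & CR0_PG) || !is_supervisor_mode(s))
        return false;             /* no paging, or user mode: these checks do not apply */
    if (instruction_fetch)
        return (s->cr4 & CR4_SMEP) != 0;
    return (s->cr4 & CR4_SMAP) && !(s->eflags & EFLAGS_AC);
}

int main(void)
{
    /* Constructed sample: selector 0x10 (RPL 0) with paging, SMEP and SMAP enabled. */
    struct cpu_state k = { .cs = 0x10, .cr0 = CR0_PE | CR0_PG, .cr4 = CR4_SMEP | CR4_SMAP };
    printf("CPL=%u kernel=%d fetch_faults=%d\n",
           effective_cpl(&k), is_kernel_mode(&k), smep_smap_fault(&k, true));
    return 0;
}
```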
Source: https://stackoverflow.com/questions/55506822/is-an-x86-cpu-in-kernel-mode-when-the-cpl-value-of-the-cs-register-is-equal-to-0